· Announcements  · 2 min read

Introducing SafeLLM: The Only AI Security Plugin for Apache APISIX

There was no AI security plugin for Apache APISIX. Now there is. Introducing SafeLLM — 100% air-gapped, CPU-ready, GDPR-compliant protection for your LLMs.

There was no AI security plugin for Apache APISIX. Now there is. Introducing SafeLLM — 100% air-gapped, CPU-ready, GDPR-compliant protection for your LLMs.

The Gap in the Market

If you’re using Apache APISIX as your API gateway and want to secure your LLM endpoints, you had exactly zero options. Until now.

There are AI moderation pipelines from OpenAI. There’s LLM Guard. There’s Rebuff. But none of them integrate with APISIX. None of them are designed as a sidecar for your existing infrastructure.

SafeLLM is the first and only AI security gateway built specifically for Apache APISIX.

Why This Matters

  • You already use APISIX — why add another gateway just for AI security?
  • You need air-gapped deployment — cloud moderation APIs won’t work for banks, defense, or enterprises like Apple
  • You don’t have GPU infrastructure — and shouldn’t need it for basic protection
  • You need compliance out of the box — GDPR, SOC2, EU AI Act, all covered

Our Defense-in-Depth Approach

SafeLLM implements a Waterfall Security Pipeline:

  • L0: Semantic Cache — Reduces API costs by up to 80%
  • L1: Keyword Guard — O(1) blocking of known attack patterns
  • L1.5: PII Shield — Dual-mode detection (fast regex or AI GLiNER)
  • L2: AI Guard — Neural network detection of sophisticated prompt injections

Each layer short-circuits: dangerous requests are blocked immediately, saving resources.

100% Air-Gapped, 100% CPU-Ready

Unlike 75% of AI gateways that phone home, SafeLLM runs completely offline:

  • All ONNX/GLiNER models are loaded locally
  • Your prompts never touch external servers
  • No GPU required — optimized for CPU deployment
  • Deploy on your existing fleet without hardware changes

Open Source + Enterprise

We believe in building trust through transparency. The OSS edition includes:

  • L0-L1.5 pipeline (cache, keywords, regex PII)
  • Docker & Kubernetes deployment
  • Full APISIX integration
  • Apache 2.0 license

Enterprise adds: AI Guard (ONNX), GLiNER PII, Redis Sentinel HA, Dashboard, Air-Gapped mode, and something no one else offers — direct access to our engineers for custom implementations.

Get Started in 5 Minutes

git clone https://github.com/safellmio/safellm-apisix-gateway-sidecar
cd safellm
docker compose up -d

For Enterprise inquiries, book a technical deep-dive. We’re a small team, and we actually care — every customer matters to us.

SafeLLM is EU-based and insured (Professional Indemnity + Cyber Liability, up to €1M). We understand European regulations because we live them.

Share:
Back to Blog

Related Posts

View All Posts »